Fix session race conditions when composing new messages

CHANGELOG

@@ -1,6 +1,7 @@
 CHANGELOG Roundcube Webmail
 ===========================
 
+- Fix session race conditions when composing new messages
 - Fix encoding of LDAP contacts identifiers (#1488079)
 - jQuery 1.6.4
 - Make date/time format user configurable; drop 'date_today' config option

program/include/rcube_json_output.php

@@ -219,6 +219,7 @@ class rcube_json_output
      */
     public function send()
     {
+      sleep(6);
         $this->remote_response();
         exit;
     }

program/include/rcube_session.php

@@ -321,9 +321,9 @@ class rcube_session
    */
   public function cleanup()
   {
-    // current compose information is stored in $_SESSION['compose'], move it to $_SESSION['compose_data']
+    // current compose information is stored in $_SESSION['compose'], move it to $_SESSION['compose_data_<ID>']
-    if ($_SESSION['compose']) {
+    if ($compose_id = $_SESSION['compose']['id']) {
-      $_SESSION['compose_data'][$_SESSION['compose']['id']] = $_SESSION['compose'];
+      $_SESSION['compose_data_'.$compose_id] = $_SESSION['compose'];
       $this->remove('compose');
     }
   }

program/steps/mail/attachments.inc

@@ -25,7 +25,7 @@ if (!empty($_GET['_progress'])) {
 }
 
 $COMPOSE_ID = get_input_value('_id', RCUBE_INPUT_GPC);
-$_SESSION['compose'] = $_SESSION['compose_data'][$COMPOSE_ID];
+$_SESSION['compose'] = $_SESSION['compose_data_'.$COMPOSE_ID];
 
 if (!$_SESSION['compose']) {
   die("Invalid session var!");

program/steps/mail/compose.inc

@@ -29,7 +29,7 @@ $MESSAGE_FORM = NULL;
 $MESSAGE = NULL;
 
 $COMPOSE_ID = get_input_value('_id', RCUBE_INPUT_GET);
-$_SESSION['compose'] = $_SESSION['compose_data'][$COMPOSE_ID];
+$_SESSION['compose'] = $_SESSION['compose_data_'.$COMPOSE_ID];
 
 // Nothing below is called during message composition, only at "new/forward/reply/draft" initialization or
 // if a compose-ID is given (i.e. when the compose step is opened in a new window/tab).
@@ -39,7 +39,7 @@ if (!is_array($_SESSION['compose']))
   if ($COMPOSE_ID)
     raise_error(array('code' => 500, 'type' => 'php',
       'file' => __FILE__, 'line' => __LINE__,
-      'message' => "Invalid session"), true, true);
+      'message' => "Invalid compose ID"), true, true);
 
   $_SESSION['compose'] = array(
     'id' => uniqid(mt_rand()),

program/steps/mail/func.inc

@@ -1430,12 +1430,12 @@ function rcmail_message_part_frame($attrib)
  */
 function rcmail_compose_cleanup($id)
 {
-  if (!isset($_SESSION['compose_data'][$id]))
+  if (!isset($_SESSION['compose_data_'.$id]))
     return;
 
   $rcmail = rcmail::get_instance();
   $rcmail->plugins->exec_hook('attachments_cleanup', array('group' => $id));
-  unset($_SESSION['compose_data'][$id]);
+  $rcmail->session->remove('compose_data_'.$id);
 }
 
 

program/steps/mail/sendmail.inc

@@ -27,7 +27,7 @@ $OUTPUT->framed = TRUE;
 $savedraft = !empty($_POST['_draft']) ? true : false;
 
 $COMPOSE_ID = get_input_value('_id', RCUBE_INPUT_GPC);
-$_SESSION['compose'] = $_SESSION['compose_data'][$COMPOSE_ID];
+$_SESSION['compose'] = $_SESSION['compose_data_'.$COMPOSE_ID];
 
 /****** checks ********/